Siena Partnership

Senior Application Security Engineer

On site

London, United Kingdom

Senior

Freelance

01-12-2025

Skills

Leadership, CI/CD, Change Management, SDLC, CI/CD Pipelines, Microservices

Job Specifications

Partnered with a VC-backed Fintech organisation, I'm looking for a Senior Application Security Engineer to embed application security into their product development lifecycle and CI/CD pipelines. This is an individual contributor role working closely with engineering, SRE and product teams to assess, improve, and scale AppSec across a high‑volume transactional platform.

Review current application and API landscape, tooling and processes
Identify gaps and risks, then design pragmatic mitigation plans
Integrate security into CI/CD, SDLC and change management processes
Coach and enable software engineers to build secure products by default

Discovery & Assessment

Conduct a structured review of existing web applications and APIs
Map current AppSec controls, tooling and processes across the SDLC
Identify critical vulnerabilities, systemic weaknesses and quick wins
Triage and prioritise issues based on risk and business impact

Engineering & Implementation

Embed security controls into CI/CD pipelines (e.g. SAST, DAST, SCA, secrets scanning)
Partner with SRE and engineering teams on secure architectures and patterns
Define and implement secure coding standards and best practices
Drive threat modeling for key products and high‑risk changes
Support/oversee application pen testing activities as needed

Enablement & Ways of Working

Work closely with product and engineering leads to “shift left” on security
Coach and mentor engineers on secure design, coding and review practices
Create lightweight, usable security guidelines and playbooks for teams
Influence roadmaps so that security is considered upfront in new product development

Strategy & Roadmap

Contribute to the AppSec roadmap and longer‑term security strategy
Recommend and help select security tools and services
Provide regular visibility on risk, progress and priorities to engineering leadership

Core Experience

Strong application security background with prior software engineering experience
Deep understanding of how AppSec fits into modern engineering environments
CI/CD pipelines, cloud‑native architectures, microservices and APIs
Secure SDLC and change management practices
Hands‑on experience with:
Web application security
API security
Threat modeling
Secure coding and code reviews
Common AppSec tooling (SAST/DAST/SCA, secrets scanning, etc.)

Please submit your application if your profile matches the criteria.

About the Company

Siena Partnership is a boutique consultancy providing executive search, interim management, delivery teams and advisory services. We connect high-performing professionals from technology, change, finance and operations across multiple sectors. For further insight into the business please visit our website. http://www.thesienapartnership.com